2023 UEM Edgenta Annual Report

Integrated Annual Report 2023

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL

Operating Plans and Strategies

The Group undertakes a comprehensive annual budgeting and forecasting exercise during the development of business plans; the plans for each operating division are aligned with the 5-year Group Operating Plan, including the short-term and long-term strategic plans. Each Business Division is responsible for carrying out a detailed analysis of both current and prior years’ performances and identifying the strategic priorities for consideration and commitment in the Group Annual Operating Plan (“AOP”), 5-year Group Operating Plan and Strategic Plan. These form the basis for the development of Key Performance Indicators (“KPIs”) to be included in the Group’s Corporate Scorecard and Managing Director/Chief Executive Officer’s Scorecard, which are deliberated and reviewed by the Board for approval. The approved AOP, 5-year Group Operating Plan and Strategic Plans are cascaded to the senior management team in each Business Division for planning, monitoring and execution.

The Group monitors the business performance of the respective Business Divisions through its KPIs and measures them against the approved Group AOP, 5-year Group Operating Plan and Strategic Plan on a regular basis via its General Management Committee meetings and other ad hoc meetings carried out by the senior management as and when necessary. Reports and analysis on variances against the Group AOP are prepared and monitored, taking into consideration current and future macro/microeconomic situations and business landscapes. A report on the year-to-date quarterly Group results and performance is submitted and presented to the Board on a quarterly basis. The management is responsible for identifying and executing any mitigation actions, where necessary.

Employee’s Authority and Responsibility

UEM Edgenta’s internal controls are embedded within the responsibility of each employee as specified in the Job Description. The establishment of performance monitoring serves as a tool to monitor performance against the set KPIs and targets at various levels, covering key financials, customers, internal business processes and learning and growth indicators.

Discretionary Authority Limits

Clear delegation of authority is defined in the Discretionary Authority Limits (“DAL”), which sets the limit for strategic, operating and capital decisions and expenditures, as well as decision authority for each level of management within the Group, and also the Board’s authority. The DAL is reviewed from time to time to ensure effectiveness of strategic and operational executions.

Procurement

In parallel with the implementation of Oracle ERP, GPCM functions as a centralised and coordinated procurement function to control and manage procurement activities within each of the Group’s key business divisions, encompassing eight (8) key areas, namely, Procurement Strategy & Performance, Category Management, Vendor Management, Sourcing, Purchasing Admin, Contract Management, Master Data Management, and Inventory Management. The potential risks pertaining to these key areas are mitigated through procedural governance and compliance monitoring of the SOP users. The SOPs will be reviewed periodically and updated as and when required to ensure continuous improvement of internal controls, taking into consideration any additional process improvement required.

The provisions for Integrity & Compliance (i.e., Code of Conduct for Business Partner, Business Partners Letter of Declaration) and HSSE Management Requirements are incorporated accordingly in the procurement terms and conditions to create awareness of our anti-bribery, anti-corruption, safety and accountability policies amongst our suppliers and contractors at the early stage of engagement with these stakeholders.

Insurance on Assets

UEM Edgenta always maintains comprehensive insurance coverage such as general, motor, employee, cyber, asset, project and others to mitigate potential losses arising from unforeseen incidents. Regular reviews of insurance coverage are conducted to align with the dynamic business environment and changing operational profiles, ensuring that the level of coverage remains sufficient and responsive to evolving risk factors.
